package com.woniu.web.config;


import com.woniu.common.entity.TbJpUserPart;
import com.woniu.shiro.pojo.Trees;
import com.woniu.web.service.TbJpPermissionService;
import com.woniu.web.service.TbJpUserPartService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;


import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

@Component
public class MyRealm extends AuthorizingRealm {
    @Resource
    TbJpPermissionService permissionService;
    @Resource
    TbJpUserPartService partService;
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("授权本身应该来自于数据库");
        Long phone = (Long)principalCollection.getPrimaryPrincipal();
        //根据用户查询当前用户所拥有的角色，权限
        List<Trees> trees = permissionService.UserIdToCheckPermissionByPhone(phone);

        Set<String> permissions = new HashSet();

        for (Trees tree : trees) {
            if(tree.getUrl()!=null){
                String inner = tree.getUrl().substring(0,tree.getUrl().lastIndexOf("/")+1);  //   /nation/
                permissions.add(inner+":**");
            }
        }

//        if("admin".equals(uname)) {
//            permissions.add("/userinfo/:**");
//            permissions.add("/student/:**");
//        }else if("abc".equals(uname)) {
//            permissions.add("/student/:**");
//        }else {
//            permissions.add("/userinfo/:**");
//        }
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        info.addStringPermissions(permissions);
        return info;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("登陆");
        String uname =  (String)authenticationToken.getPrincipal();
        TbJpUserPart info = partService.findByUname(uname);
        if(info==null) {
            throw new UnknownAccountException("没有当前账号"+uname);
        }

        SimpleAuthenticationInfo simpleAuthenticationInfo  = new SimpleAuthenticationInfo(info.getPhone(), info.getPassword(), getName());
        //清除之前的授权信息
        super.clearCachedAuthorizationInfo(simpleAuthenticationInfo.getPrincipals());
        HttpServletRequest request= ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
        request.getSession().setAttribute("info", info);
        // 存入用户对象
        //SecurityUtils.getSubject().getSession().setAttribute("login", info);
        // 返回给安全管理器，securityManager，由securityManager比对数据库查询出的密码和页面提交的密码
        // 如果有问题，向上抛异常，一直抛到控制器
        return simpleAuthenticationInfo;

    }
}
